Gonzales, VA secretary say no indication of misuse

FOR MORE INORMATION

YOUR E-MAIL ALERTS

WASHINGTON (CNN) -- Federal agents are trying to recover personal data on more than 26 million U.S. veterans after an apparently random burglary at the home of a computer analyst, Veterans Affairs Secretary Jim Nicholson said Monday.

Burglars made off with a computer disc that contained the veterans' names, Social Security numbers and birth dates during a break-in this month at the home of a department data analyst, Nicholson told reporters.

Nicholson and Attorney General Alberto Gonzales said there was no indication that the information has been misused.

Nicholson said the analyst has been placed on administrative leave during the investigation but that no "ulterior motive" is suspected. The analyst is a longtime employee of the department but was not authorized to take the information home, he said.

"He took this home to work with it on a project he was working on, in clear violation of policies and procedures," the secretary said.

Nicholson disclosed few details about the theft, citing an investigation by his department's inspector general and the FBI. But he told CNN earlier, "We think that it wasn't a targeted burglary."

"They weren't after this [data]," he told CNN. "There's a pattern of these kind of burglaries in this neighborhood."

Nicholson said the theft is "disturbing," but that there is no immediate reason for veterans to believe "anything unsavory is going on."

But the missing information could be gold for electronic identity thieves, who operate hundreds of Internet sites where personal information is bought and sold.

"It's a pretty dire situation," said Rutrell Yasin, technology editor of Federal Computer Week, which covers computer and information technology issues in the federal government. "You have to hope that information is not in the hands of people who know what to do with it."

Yasin said the incident should be a wake-up call to federal agencies.

"They should certainly have the necessary security on their computers, secure communications links that would protect personal data," Yasin told CNN.

"We have no reason to believe at this time that the identity of these veterans have been compromised," he said. "But we feel an obligation to alert veterans so that they can take the appropriate steps to protect this information."

The VA sent a letter to veterans informing them of the stolen data. Anyone with questions can contact the agency at 1-800-333-4636 or through the federal government's Web portal, www.firstgov.gov.

The FBI said its Baltimore, Maryland, field office is investigating the incident, and Gonzales said the bureau was working in conjunction with local authorities.

Nicholson vowed to take steps to ensure such a mistake is not repeated, including mandatory security training in the next month for all employees with access to private information.

Hearings vowed

Several members of Congress expressed concerns about the incident.

Sen. Larry Craig, chairman of the Veterans Affairs Committee, said Monday that all veterans should be "vigilant" in monitoring their own financial information for suspicious activity.

"I've got to ask -- and certainly I have to ask it of not only the VA but all of government -- why can a data analyst take all of this information home?" the Idaho Republican told CNN. "That's a breach of security -- in today's concern about ID theft -- that is huge.

"Of course, I think it awakened the secretary to the vulnerability within his own organization, and that's true, I would guess, across government," he said.

Craig said authorities were still not certain whether the burglary was targeted or random, and he promised hearings "at the appropriate time."

"This is something now that really deserves our overview and a review by all of government as it relates to this kind of information and how it is being handled," he said.

Rep. Steve Buyer, Craig's counterpart in the House, said he is "deeply concerned" by the stolen data.

"I expect VA's inspector general and the FBI to work closely together so that we can identify and eliminate the flaws that allowed this leak and prosecute any criminal acts," the Indiana Republican said in a written statement.

"I know that VA is taking steps to notify veterans and provide help on consumer identity protection. The committee will examine this incident in the context of previous data compromises, to ensure that veterans' information is safeguarded," he said.